org.apache.mesos:mesos@1.4.2 vulnerabilities
-
latest version
1.11.0
-
latest non vulnerable version
-
first published
12 years ago
-
latest version published
3 years ago
-
licenses detected
- [0.9.0-incubating,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.apache.mesos:mesos package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.apache.mesos:mesos is a The Apache Mesos Java API jar. Affected versions of this package are vulnerable to Out-of-bounds. When parsing a JSON payload with deeply nested JSON structures, the parser in Apache Mesos versions might overflow the stack due to unbounded recursion. A malicious actor can therefore cause a denial of service of Mesos masters rendering the Mesos-controlled cluster inoperable. How to fix Out-of-bounds? Upgrade |
[1.7.0,1.7.1)
[1.6.0,1.6.2)
[1.5.0,1.5.2)
[,1.4.3)
|